From 7c926131853d7ae4c01d3403c83c822e6922550a Mon Sep 17 00:00:00 2001 From: Charlie Chen Date: Thu, 25 Mar 2021 14:02:43 +0800 Subject: [PATCH] Allow Exoplayer access to the vstream-secure heap for secure playback Fixes the following denials: avc: denied { read } for name="name" dev="sysfs" ino=63727 \ scontext=u:r:mediacodec:s0 tcontext=u:object_r:sysfs:s0 tclass=file \ permissive=0 avc: denied { read } for name="name" dev="sysfs" ino=63743 \ scontext=u:r:mediacodec:s0 tcontext=u:object_r:sysfs:s0 tclass=file \ permissive=0 avc: denied { read } for name="name" dev="sysfs" ino=64010 \ scontext=u:r:mediacodec:s0 tcontext=u:object_r:sysfs:s0 tclass=file \ permissive=0 Bug: 182525521 Test: no more denials and able to play video via ExoPlayer App Change-Id: I21033bc78858fd407c16d2cd2df4549f97273221 --- whitechapel/vendor/google/file_contexts | 4 ---- whitechapel/vendor/google/genfs_contexts | 3 +++ 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/whitechapel/vendor/google/file_contexts b/whitechapel/vendor/google/file_contexts index 2a9aaf08..d1801efd 100644 --- a/whitechapel/vendor/google/file_contexts +++ b/whitechapel/vendor/google/file_contexts @@ -420,10 +420,6 @@ /dev/dma_heap/vstream-secure u:object_r:dmabuf_system_secure_heap_device:s0 -# Video sysfs files -/sys/devices/platform/mfc/video4linux/video6/name u:object_r:sysfs_video:s0 -/sys/devices/platform/mfc/video4linux/video7/name u:object_r:sysfs_video:s0 - # BigOcean /dev/bigocean u:object_r:video_device:s0 diff --git a/whitechapel/vendor/google/genfs_contexts b/whitechapel/vendor/google/genfs_contexts index 60b9cb2c..69e9dd2c 100644 --- a/whitechapel/vendor/google/genfs_contexts +++ b/whitechapel/vendor/google/genfs_contexts @@ -243,3 +243,6 @@ genfscon sysfs /devices/platform/bigocean/sscoredump/sscd_bigocean/report_count genfscon sysfs /devices/platform/debugcore/sscoredump/sscd_debugcore/report_count u:object_r:sysfs_sscoredump_subsystem_report_count:s0 genfscon sysfs /devices/platform/mfc-core/sscoredump/sscd_mfc-core/report_count u:object_r:sysfs_sscoredump_subsystem_report_count:s0 genfscon sysfs /devices/platform/wlan/sscoredump/sscd_wlan/report_count u:object_r:sysfs_sscoredump_subsystem_report_count:s0 + +# mediacodec +genfscon sysfs /devices/platform/mfc/video4linux/video u:object_r:sysfs_video:s0